Merge branch 'main' into rbac_least_priviligates

kyma-project · Nov 26, 2024 · 2682cfa · 2682cfa
2 parents c05e888 + e8fe97e
commit 2682cfa
Show file tree

Hide file tree

Showing 10 changed files with 34 additions and 24 deletions.
diff --git a/cmd/main.go b/cmd/main.go
@@ -115,9 +115,7 @@ func main() {
 	flag.BoolVar(&shootSpecDumpEnabled, "shoot-spec-dump-enabled", false, "Feature flag to allow persisting specs of created shoots")
 	flag.BoolVar(&auditLogMandatory, "audit-log-mandatory", true, "Feature flag to enable strict mode for audit log configuration")
 
-	opts := zap.Options{
-		Development: true,
-	}
+	opts := zap.Options{}
 	opts.BindFlags(flag.CommandLine)
 	flag.Parse()
 

diff --git a/hack/runtime-migrator/cmd/main.go b/hack/runtime-migrator/cmd/main.go
@@ -11,18 +11,17 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-playground/validator/v10"
-	"github.com/kyma-project/infrastructure-manager/pkg/gardener/shoot/extender/auditlogs"
-	v12 "k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/types"
-
 	"github.com/gardener/gardener/pkg/apis/core/v1beta1"
 	gardener_types "github.com/gardener/gardener/pkg/client/core/clientset/versioned/typed/core/v1beta1"
+	"github.com/go-playground/validator/v10"
 	"github.com/kyma-project/infrastructure-manager/hack/runtime-migrator-app/internal/config"
 	kimConfig "github.com/kyma-project/infrastructure-manager/pkg/config"
 	"github.com/kyma-project/infrastructure-manager/pkg/gardener"
 	"github.com/kyma-project/infrastructure-manager/pkg/gardener/kubeconfig"
+	"github.com/kyma-project/infrastructure-manager/pkg/gardener/shoot/extender/auditlogs"
 	"github.com/pkg/errors"
+	v12 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"

diff --git a/hack/runtime-migrator/cmd/migration.go b/hack/runtime-migrator/cmd/migration.go
@@ -3,7 +3,6 @@ package main
 import (
 	"context"
 	"fmt"
-	"github.com/pkg/errors"
 	"log/slog"
 
 	"github.com/gardener/gardener/pkg/apis/core/v1beta1"
@@ -15,6 +14,7 @@ import (
 	"github.com/kyma-project/infrastructure-manager/pkg/config"
 	"github.com/kyma-project/infrastructure-manager/pkg/gardener/kubeconfig"
 	"github.com/kyma-project/infrastructure-manager/pkg/gardener/shoot/extender/auditlogs"
+	"github.com/pkg/errors"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )

diff --git a/hack/runtime-migrator/internal/config/config.go b/hack/runtime-migrator/internal/config/config.go
@@ -3,11 +3,12 @@ package config
 import (
 	"flag"
 	"fmt"
+	"log"
+
 	v1 "github.com/kyma-project/infrastructure-manager/api/v1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/tools/clientcmd"
-	"log"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 

diff --git a/hack/runtime-migrator/internal/migration/output.go b/hack/runtime-migrator/internal/migration/output.go
@@ -3,12 +3,13 @@ package migration
 import (
 	"encoding/json"
 	"fmt"
-	v1 "github.com/kyma-project/infrastructure-manager/api/v1"
-	"github.com/kyma-project/infrastructure-manager/hack/runtime-migrator-app/internal/runtime"
 	"os"
 	"path"
-	"sigs.k8s.io/yaml"
 	"time"
+
+	v1 "github.com/kyma-project/infrastructure-manager/api/v1"
+	"github.com/kyma-project/infrastructure-manager/hack/runtime-migrator-app/internal/runtime"
+	"sigs.k8s.io/yaml"
 )
 
 type OutputWriter struct {

diff --git a/hack/runtime-migrator/internal/runtime/migrator.go b/hack/runtime-migrator/internal/runtime/migrator.go
@@ -3,6 +3,7 @@ package runtime
 import (
 	"context"
 	"fmt"
+
 	"github.com/gardener/gardener/pkg/apis/core/v1beta1"
 	v1 "github.com/kyma-project/infrastructure-manager/api/v1"
 	migrator "github.com/kyma-project/infrastructure-manager/hack/runtime-migrator-app/internal/config"

diff --git a/hack/runtime-migrator/internal/runtime/verifier.go b/hack/runtime-migrator/internal/runtime/verifier.go
@@ -1,14 +1,15 @@
 package runtime
 
 import (
+	"slices"
+
 	"github.com/gardener/gardener/pkg/apis/core/v1beta1"
 	v1 "github.com/kyma-project/infrastructure-manager/api/v1"
 	"github.com/kyma-project/infrastructure-manager/hack/shoot-comparator/pkg/shoot"
 	"github.com/kyma-project/infrastructure-manager/pkg/config"
 	gardener_shoot "github.com/kyma-project/infrastructure-manager/pkg/gardener/shoot"
 	"github.com/kyma-project/infrastructure-manager/pkg/gardener/shoot/extender/auditlogs"
 	"k8s.io/utils/ptr"
-	"slices"
 )
 
 type Verifier struct {

diff --git a/internal/controller/metrics/mocks/Metrics.go b/internal/controller/metrics/mocks/Metrics.go
diff --git a/internal/controller/runtime/fsm/runtime_fsm_patch_shoot.go b/internal/controller/runtime/fsm/runtime_fsm_patch_shoot.go
@@ -2,6 +2,7 @@ package fsm
 
 import (
 	"context"
+	"fmt"
 	"slices"
 
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
@@ -67,7 +68,7 @@ func sFnPatchExistingShoot(ctx context.Context, m *fsm, s *systemState) (stateFn
 
 		m.log.Error(err, "Failed to patch shoot object, exiting with no retry")
 		m.Metrics.IncRuntimeFSMStopCounter()
-		return updateStatePendingWithErrorAndStop(&s.instance, imv1.ConditionTypeRuntimeProvisioned, imv1.ConditionReasonProcessingErr, "Shoot patch error")
+		return updateStatePendingWithErrorAndStop(&s.instance, imv1.ConditionTypeRuntimeProvisioned, imv1.ConditionReasonProcessingErr, fmt.Sprintf("Gardener API shoot patch error: %v", err))
 	}
 
 	if updatedShoot.Generation == s.shoot.Generation {

diff --git a/internal/controller/runtime/runtime_controller.go b/internal/controller/runtime/runtime_controller.go
@@ -18,7 +18,7 @@ package runtime
 
 import (
 	"context"
-	"fmt"
+	"sync/atomic"
 
 	"github.com/go-logr/logr"
 	imv1 "github.com/kyma-project/infrastructure-manager/api/v1"
@@ -42,14 +42,13 @@ type RuntimeReconciler struct {
 	Log           logr.Logger
 	Cfg           fsm.RCCfg
 	EventRecorder record.EventRecorder
+	RequestID     atomic.Uint64
 }
 
 //+kubebuilder:rbac:groups=infrastructuremanager.kyma-project.io,resources=runtimes,verbs=get;list;watch;create;update;patch,namespace=kcp-system
 //+kubebuilder:rbac:groups=infrastructuremanager.kyma-project.io,resources=runtimes/status,verbs=get;list;delete;create;update;patch,namespace=kcp-system
 //+kubebuilder:rbac:groups=infrastructuremanager.kyma-project.io,resources=runtimes/finalizers,verbs=get;list;delete;create;update;patch,namespace=kcp-system
 
-var requCounter = 0 // nolint:gochecknoglobals
-
 func (r *RuntimeReconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error) {
 	r.Log.Info(request.String())
 
@@ -60,10 +59,21 @@ func (r *RuntimeReconciler) Reconcile(ctx context.Context, request ctrl.Request)
 		}, client.IgnoreNotFound(err)
 	}
 
-	r.Log.Info("Reconciling Runtime", "Name", runtime.Name, "Namespace", runtime.Namespace)
+	runtimeID, ok := runtime.Labels["kyma-project.io/runtime-id"]
+	if !ok {
+		runtimeID = runtime.Name
+	}
+
+	shootName, ok := runtime.Labels["kyma-project.io/shoot-name"]
+	if !ok {
+		shootName = "N/D"
+	}
+
+	log := r.Log.WithValues("runtimeID", runtimeID, "shootName", shootName, "requestID", r.RequestID.Add(1))
+	log.Info("Reconciling Runtime", "Name", runtime.Name, "Namespace", runtime.Namespace)
 
 	stateFSM := fsm.NewFsm(
-		r.Log.WithName(fmt.Sprintf("reqID %d", requCounter)),
+		log,
 		r.Cfg,
 		fsm.K8s{
 			Client:        r.Client,